1 files changed, 3 insertions, 0 deletions

diff --git a/logcheck/ignore.d.server/ssh b/logcheck/ignore.d.server/ssh
index d64d593..56e072a 100644
--- a/logcheck/ignore.d.server/ssh
+++ b/logcheck/ignore.d.server/ssh
@@ -9,3 +9,6 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from .*
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [\.0-9]+: 11: Disconnect requested by Windows SSH Client.$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: subsystem request for sftp$
+
+# Cracking attempts are too common, so clutters more than it helps to warn about them
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: (Failed password from illegal|Illegal) user [[:alnum:]]+ from [\.0-9]+ port [0-9]+( ssh2)?$